The idle musings of a former military man, former computer geek, medically retired pastor and now full-time writer. Contents guaranteed to offend the politically correct and anal-retentive from time to time. My approach to life is that it should be taken with a large helping of laughter, and sufficient firepower to keep it tamed!

Wednesday, March 30, 2011

Was there a major security breach at AT&T last week???

Quietly this morning [March 22nd, 2011] customers of AT&T browsing Facebook did so by way of China then Korea. Typically AT&T customers’ data would have routed over the AT&T network directly to Facebook’s network provider but due to a routing mistake their private data went first to Chinanet then via Chinanet to SK Broadband in South Korea, then to Facebook. This means that anything you looked at via Facebook without encryption was exposed to anyone operating Chinanet, which has a very suspect modus operandi.

. . .

What could have happened with your data? Most likely absolutely nothing. Yet, China is well known for its harmful networking practices by limiting network functionality and spying on its users, and when your data is flowing over their network, your data could be treated as any Chinese citizen’s. Does that include capturing your session ID information, personal information, emails, photos, chat conversations, mappings to your friends and family, etc.? One could only speculate; however, it’s possible.

This brings up a lot of questions:

Should Facebook and/or AT&T have notified their customers that their personal information was flowing over a network that they may not trust?

Should Facebook enable SSL on all accounts by default?

Was this actually a privacy breach or just the way the Internet functions?

Does Facebook have an ethical responsibility to buy additional IP connectivity to major broadband and mobile networks to prevent routing mishaps?

Is it time to focus on new options within BGP to prevent high-profile sites from routing to non-authenticated networks?

This raises all sorts of questions! Who authorized this re-routing? Was it, in fact, authorized at all, or was AT&T's network 'hacked' by outsiders to re-route this traffic? Why haven't we heard more about this in the mainstream media?

If anyone has any more information about this incident, or links to Web sites with more information, would you please post it as a comment? I'd love to know what happened.